On 29.08.10 21:40, Noel Jones wrote:
Sorry, I forgot to specify the map type in my example. It must be
either regexp: or pcre:.
No need for you to apologize. I feel quite silly, because you obviously
specifed a regular expression in your example, and I read it as such. I
don't know what made
Hi there.
Moving from sendmail to a macos 10.6 server that ships with postfix..
There are a few things that I'm trying to replicate from sendmail into
postifx, but I'm not having much luck.
Problems:
1- People on local network (e.g. from 192.168.0.0/24) can send email
without authentication (so
On 2010-08-30 8:56 AM, Jean-Yves Avenard jyaven...@gmail.com wrote:
Moving from sendmail to a macos 10.6 server that ships with postfix..
Per the welcome message you received when you joined the list:
TO REPORT A PROBLEM see:
http://www.postfix.org/DEBUG_README.html#mail
This means, at a
Jean-Yves Avenard:
I thought I could add something like this in the canonical file:
/^(reg)-(.*)-(.*)$/ ${2}
However, I read in a few place that this would break recipient validation.
Should add that while with the canonical above I do get the email to
the proper mailbox delivered, the
On Sun, Aug 29, 2010 at 01:20:39AM +0200, Marco Rebsamen wrote:
query_filter = proxyaddresses=...@domain1.ch*
DO NOT use wildcard * patters to match recipients. The correct query
is:
query_filter = proxyAddresses=smtp:%...@domain1.ch
or, more typically:
query_filter =
Hi
On 30 August 2010 23:25, Charles Marcus cmar...@media-brokers.com wrote:
On 2010-08-30 8:56 AM, Jean-Yves Avenard jyaven...@gmail.com wrote:
Moving from sendmail to a macos 10.6 server that ships with postfix..
Per the welcome message you received when you joined the list:
TO REPORT A
Hi
On 30 August 2010 23:43, Wietse Venema wie...@porcupine.org wrote:
I kindly suggest that you read the manual (RTFM) before asking
questions that are already answered there.
Canonical mappings can rewrite the envelope addresses (i.e. what
Postfix delivers) without changing the addresses
On Sat, Aug 28, 2010 at 07:02:48PM +0200, martin f krafft wrote:
We are using $smtp_tls_policy_maps, in addition to
This is a feature of the Postfix SMTP *client*, that sends mail to
remote sites.
Due to some issues we've been having[0], I would like to have a more
permanent means of
On 30 August 2010 23:58, Jean-Yves Avenard jyaven...@gmail.com wrote:
I did *not* define remote_header_rewrite_domain anywhere, yet the
recipient is being rewritten. Unless I misread how this configuration
parameter actually works.
Oh, I see what's going on, as I'm doing my test from a local
On Sat, Aug 28, 2010 at 07:00:58PM +0200, martin f krafft wrote:
The Postfix TLS security policy is based on where the mail is going
(its destination domain or administratively defined gateway).
With administratively defined gateway, you mean an entry in
transport_maps?
Yes. This is
* Victor Duchovni postfix-users@postfix.org:
On Sun, Aug 29, 2010 at 01:20:39AM +0200, Marco Rebsamen wrote:
query_filter = proxyaddresses=...@domain1.ch*
DO NOT use wildcard * patters to match recipients. The correct query
is:
query_filter = proxyAddresses=smtp:%...@domain1.ch
* Patrick Ben Koetter p...@state-of-mind.de:
Is smtp:%s sufficient? IIRC the main mail address is noted as SMTP:%s. A
query that catches those too would be this:
query_filter = (|(proxyAddresses=smtp:%s)(proxyAddresses=SMTP:%s))
On second thought...
A query that matches all aliases
On Mon, Aug 30, 2010 at 04:39:46PM +0200, Patrick Ben Koetter wrote:
* Victor Duchovni postfix-users@postfix.org:
On Sun, Aug 29, 2010 at 01:20:39AM +0200, Marco Rebsamen wrote:
query_filter = proxyaddresses=...@domain1.ch*
DO NOT use wildcard * patters to match recipients. The
On Mon, Aug 30, 2010 at 04:45:39PM +0200, Patrick Ben Koetter wrote:
* Patrick Ben Koetter p...@state-of-mind.de:
Is smtp:%s sufficient? IIRC the main mail address is noted as SMTP:%s. A
query that catches those too would be this:
query_filter =
* Victor Duchovni postfix-users@postfix.org:
Is smtp:%s sufficient? IIRC the main mail address is noted as SMTP:%s. A
query that catches those too would be this:
The proxyAddresses field is matched case-insensitively. No fancy gymnastics
required:
query_filter =
On Mon, 2010-08-30 at 22:56 +1000, Jean-Yves Avenard wrote:
Hi there.
Moving from sendmail to a macos 10.6 server that ships with postfix..
There are a few things that I'm trying to replicate from sendmail into
postifx, but I'm not having much luck.
Problems:
2- When using a non encrypted
On Mon, Aug 30, 2010 at 04:58:48PM +0200, Patrick Ben Koetter wrote:
* Victor Duchovni postfix-users@postfix.org:
Is smtp:%s sufficient? IIRC the main mail address is noted as
SMTP:%s. A
query that catches those too would be this:
The proxyAddresses field is matched
Hi
On 31 August 2010 01:00, Adam Tauno Williams awill...@whitemice.org wrote:
A separate parameter controls Postfix SASL mechanism policy during a
TLS-encrypted SMTP session. The default is to copy the settings from the
unencrypted session:
smtpd_sasl_security_options = noanonymous,
On Mon, Aug 30, 2010 at 06:16:24PM +0200, Victoriano Giralt wrote:
How does Postfix react to this?
I see this in the logs:
Aug 30 18:10:27 correoe1 postfix/proxymap[19744]: warning:
dict_ldap_connect: Unable to bind to server ldap://10.0.1.6:389
ldap://10.0.1.7:389 as cn=bind dn here: 9
I will be out of the office starting 08/30/2010 and will not return until
09/05/2010.
I will respond to your message when I return.
Jean-Yves Avenard:
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
If this does not announce the SASL mechanisms that you expect, then
the missing mechanisms are not
On Tue, Aug 31, 2010 at 02:57:05AM +1000, Jean-Yves Avenard wrote:
smtpd_pw_server_security_options = gssapi,cram-md5,plain,login
smtpd_recipient_restrictions = permit_sasl_authenticated
permit_mynetworks reject_unauth_destination check_policy_service
unix:private/policy permit
I just started to follow this thread and had deleted the rest before. If I can
be of any assistance in terms of Cyrus SASL let me know. Mac OS X runs its own
special Cyrus SASL and I might not be able to help all the way. Anyway...
p...@rick
* Wietse Venema postfix-users@postfix.org:
Wietse
On Mon, 2010-08-30 at 13:04 -0400, Wietse Venema wrote:
Jean-Yves Avenard:
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
If this does not announce the SASL mechanisms
On Mon, Aug 30, 2010 at 01:32:25PM -0400, Adam Tauno Williams wrote:
On Mon, 2010-08-30 at 13:04 -0400, Wietse Venema wrote:
Jean-Yves Avenard:
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous, noplaintext
Is there a straightforward (i.e. relatively painless) way to check the
header from, reply-to, and message-id domains against dbl.spamhaus.org
and reject on a positive reply as with reject_r*bl_client?
Without having to write a content filter to be called in action
filter:nexthop in
On Mon, Aug 30, 2010 at 01:06:28PM -0500, Stan Hoeppner wrote:
Is there a straightforward (i.e. relatively painless) way to check the
header from, reply-to, and message-id domains against dbl.spamhaus.org
and reject on a positive reply as with reject_r*bl_client?
Not from Postfix. There is
On 08/30/2010 02:06 PM, Stan Hoeppner wrote:
Is there a straightforward (i.e. relatively painless) way to check the
header from, reply-to, and message-id domains against dbl.spamhaus.org
and reject on a positive reply as with reject_r*bl_client?
Without having to write a content filter to be
Victor Duchovni:
On Mon, Aug 30, 2010 at 01:06:28PM -0500, Stan Hoeppner wrote:
Is there a straightforward (i.e. relatively painless) way to check the
header from, reply-to, and message-id domains against dbl.spamhaus.org
and reject on a positive reply as with reject_r*bl_client?
Not
Ok, I'm really confused about that LDAP lookup stuff :-/
What I want to do is to check if an address to which a message is addressed
really exists.
I'm currently using this script for local receipient checks:
bind_dn = j...@hive.loc
bind_pw =
server_host = 192.168.8.254
#Global Catalog
On Mon, Aug 30, 2010 at 08:50:33PM +0200, Marco Rebsamen wrote:
Ok, I'm really confused about that LDAP lookup stuff :-/
What I want to do is to check if an address to which a message is addressed
really exists.
I'm currently using this script for local receipient checks:
bind_dn =
SMTP engine (similar to the smtp-sink
test program) to log the client/helo/sender/recipient for blocked
mail, and c) a simple form of greylisting if time permits.
Wietse
Incompatibility with snapshot 20100830
==
Use postfix reload after installing
also sprach Wietse Venema wie...@porcupine.org [2010.08.28.2324 +0200]:
Due to some issues we've been having[0], I would like to have a more
permanent means of confirmation that everything is in order.
Specifically, I would like to see in the logs when a security policy
was matched and
also sprach Victor Duchovni victor.ducho...@morganstanley.com
[2010.08.30.1611 +0200]:
Is it intentional then that the TLS policy map is searched for
the nexthop, if one is defined there?
Yes.
Does it /also/ check the policy for the recipient domain?
No. TLS policy is by nexthop.
-Ursprüngliche Nachricht-
Von: Victor Duchovni [mailto:victor.ducho...@morganstanley.com]
Gesendet: Montag, 30. August 2010 21:18
An: Marco Rebsamen
Cc: postfix-users@postfix.org
Betreff: Re: local_recipient_maps with LDAP
On Mon, Aug 30, 2010 at 08:50:33PM +0200, Marco Rebsamen wrote:
On Mon, Aug 30, 2010 at 09:42:29PM +0200, martin f krafft wrote:
also sprach Victor Duchovni victor.ducho...@morganstanley.com
[2010.08.30.1604 +0200]:
Due to some issues we've been having[0], I would like to have a more
permanent means of confirmation that everything is in order.
On Mon, Aug 30, 2010 at 09:46:26PM +0200, Marco Rebsamen wrote:
search_base = DC=hive, DC=loc
query_filter = proxyAddresses=smtp:*...@unimatrix0.ch
result_attribute = proxyAddresses
What is that pesky * doing in your query filter!!!
It's a damn wildcard! I thought I would need it
also sprach Victor Duchovni victor.ducho...@morganstanley.com
[2010.08.30.2148 +0200]:
Exactly as promised. Trusted != Verified. Trusted just means that
the peer certificate signature is valid, but no actual validation
of the peername took place.
Oh, I am sorry for this oversight on my side.
Le 30/08/2010 11:19, Ralph Seichter a écrit :
On 29.08.10 21:40, Noel Jones wrote:
Sorry, I forgot to specify the map type in my example. It must be
either regexp: or pcre:.
No need for you to apologize. I feel quite silly, because you obviously
specifed a regular expression in your example,
On 30.08.10 22:11, mouss wrote:
are you saying dovecot lmtp implementation has such a bug?
I think that Dovecot is a great piece of software and would not presume
to imply that it has a faulty LMTP implementation. More likely, I made
some mistake in configuring Dovecot. Currently, all my
Hi,
I got a lot of spam lately from dynamic hosts so gradually I have been
adding rules to block them with the help of the rules from
http://gabacho.reto.jp/en/anti-spam/anti-spam-system.html
Unfortunately this type keeps slipping through:
Received: from 200-161-108-143.dsl.telesp.net.br
My
Hello,
I have a box running multiple instances of Postfix on multiple IP
addresses (this is a pre-2.6 installation, so the multiple instances are
handled the old way by defining multiple postfix config directories). I
currently have syslog_name set for each instance so I can correlate
the
Wietse Venema put forth on 8/30/2010 1:29 PM:
Victor Duchovni:
On Mon, Aug 30, 2010 at 01:06:28PM -0500, Stan Hoeppner wrote:
Is there a straightforward (i.e. relatively painless) way to check the
header from, reply-to, and message-id domains against dbl.spamhaus.org
and reject on a positive
Patrick Lists put forth on 8/30/2010 4:34 PM:
Hi,
I got a lot of spam lately from dynamic hosts so gradually I have been
adding rules to block them with the help of the rules from
http://gabacho.reto.jp/en/anti-spam/anti-spam-system.html
Unfortunately this type keeps slipping through:
On 08/31/2010 12:40 AM, Stan Hoeppner wrote:
[snip]
/^[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.(customer|dsl|dial-up)\.telesp\.net\.br$/
REJECT Generic - Please relay via ISP (telesp.net.br)
That's all one line, TB wrapped it. You may as well just use this.
Over 1600 regex patterns matching
Stan Hoeppner:
Wietse Venema put forth on 8/30/2010 1:29 PM:
Victor Duchovni:
On Mon, Aug 30, 2010 at 01:06:28PM -0500, Stan Hoeppner wrote:
Is there a straightforward (i.e. relatively painless) way to check the
header from, reply-to, and message-id domains against dbl.spamhaus.org
.*
--
From: Patrick Lists postfix-l...@puzzled.xs4all.nl
Sent: Monday, August 30, 2010 2:34 PM
To: postfix-users@postfix.org
Subject: Regexp for blocking dynamic hosts?
Hi,
I got a lot of spam lately from dynamic hosts so gradually I have been
Marco Rebsamen mrebsa...@unimatrix0.ch wrote in message
news:f70fd6682c026e40970a322e98e764545...@tranceiver.hive.loc...
Hello Everybody
I wan't to have my local recipeints checked against my Active Directory. So I
have created the .cf file with the LDAP parameters:
bind_dn =
Patrick Lists put forth on 8/30/2010 6:00 PM:
On 08/31/2010 12:40 AM, Stan Hoeppner wrote:
[snip]
/^[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.(customer|dsl|dial-up)\.telesp\.net\.br$/
REJECTGeneric - Please relay via ISP (telesp.net.br)
That's all one line, TB wrapped it. You may as well
On 8/30/2010 4:54 PM, Justin Pasher wrote:
Hello,
I have a box running multiple instances of Postfix on multiple
IP addresses (this is a pre-2.6 installation, so the multiple
instances are handled the old way by defining multiple postfix
config directories). I currently have syslog_name set for
First, I submit my postconf -n, made anonymous, but should still be
accurate.
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
alternate_config_directories = /etc/postfix-alt
anvil_rate_time_unit = 60s
anvil_status_update_time = 600s
biff = no
I have a question regarding recipient delimiters. I need to set the recipient
delimiter for my mailing lists (mailman) with - but I also need to set the
recipient_delimiter to + for my calendar server.
How can I set the recipient_delimiter to include both values?
Thank you for your
Hi
On 31 August 2010 03:04, Wietse Venema wie...@porcupine.org wrote:
If this does not announce the SASL mechanisms that you expect, then
the missing mechanisms are not installed with the Cyrus SASL library.
I do appreciate that you took the time to answer my questions..
Especially as I
Hi
On 31 August 2010 03:42, Victor Duchovni
victor.ducho...@morganstanley.com wrote:
Probably not surprising when the Cyrus library is pre-empted by Apple's
pw server, and the mechanism list is defined in an Apple-specific
configuration parameter.
I just compiled sendmail for mac os 10.6.
54 matches
Mail list logo